Cybercriminals Have Their Eyes Set on Bitcoin

It seems like Bitcoin is gaining popularity not only in the computing industry but in the threat landscape as well.

We recently reported a coupleof attacks involving malware that installs a Bitcoin mining application into systems. Apart from turning systems into unwilling “miners,” such malware also disrupt usage since the mining process takes up a great deal of system resources.

In the midst of talks about security issues surrounding Bitcoin, we found some attacks that target Bitcoin users, albeit through different means.

One of our fraud analysts, Maela Angeles, recently brought to our attention the emergence of phishing sites that target users of Mt. Gox, a popular exchange for Bitcoin.

Seeing this kind of threat, one cannot help but think that a similar attack was probably used to compromise a certain Bitcoin account, which later led to the drop in the Bitcoin price from US$17.50 to merely cents. Mt. Gox issued an advisory about the rise of phishing attacks late last month.

In the course of our effort to better understand how Bitcoin is affecting the threat landscape, we encountered a Web master who reported that he received a threat from a cybercriminal, saying that his site will be DoSed unless he deposits 100 Bitcoins to a certain account.

The nature of Bitcoin presents many opportunities for abuse as well as utilization for cybercriminal operations. The increase in threats that we are now seeing is definitely just the beginning.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:

Security Predictions for 2020

Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.Read our security predictions for 2020.

Business Process Compromise

Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more,
read our Security 101: Business Process Compromise.